FYI: This is the apache commons statement regarding this issue: http://markmail.org/message/l3cu5ughkm3abbth?q=list:org%2Eapache%2Eannounce/
> On 10.11.2015, at 15:41, Ronny Trommer <ro...@opennms.com> wrote: > > Hi Michael, > > We sent information about this issue to opennms-announce mailing list and > first information addressing this issues can be find here: > > http://www.adventuresinoss.com/2015/11/09/opennms-rmi-exploit/ > <http://www.adventuresinoss.com/2015/11/09/opennms-rmi-exploit/> > http://www.opennms.eu/2015/11/security-java-rmi-exploitation/ > <http://www.opennms.eu/2015/11/security-java-rmi-exploitation/> > The following JIRA issues addressing this topic: > http://issues.opennms.org/browse/NMS-7971 > <http://issues.opennms.org/browse/NMS-7971> > > thank you giving us this important hint. > > -- > Ronny Trommer, OGP > Germany :: Fulda :: Stuttgart > Web: http://www.opennms.org <http://www.opennms.org/> > > PGP Key Fingerprint: 4A1B 4D06 FEEC 244D 38EF 8074 9075 B2E5 08A2 451E > PGP Key Server1: https://keyserver.pgp.com <https://keyserver.pgp.com/> > PGP Key Server2: http://pgp.mit.edu/ <http://pgp.mit.edu/> > > >> On 07.11.2015, at 11:00, Michael Banck <michael.ba...@credativ.de >> <mailto:michael.ba...@credativ.de>> wrote: >> >> Hi, >> >> probably you heard about it already, but I noticed OpenNMS (through RMI, >> not sure how relevant that is these days) was mentioned in this article: >> >> http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#opennms >> >> <http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#opennms> >> >> >> Cheers, >> >> Michael >> >> -- >> Michael Banck >> Projektleiter / Berater >> Tel.: +49 (2161) 4643-171 >> Fax: +49 (2161) 4643-100 >> Email: michael.ba...@credativ.de >> >> credativ GmbH, HRB Mönchengladbach 12080 >> USt-ID-Nummer: DE204566209 >> Hohenzollernstr. 133, 41061 Mönchengladbach >> Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer >> >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> Please read the OpenNMS Mailing List FAQ: >> http://www.opennms.org/index.php/Mailing_List_FAQ >> >> opennms-devel mailing list >> >> To *unsubscribe* or change your subscription options, see the bottom of this >> page: >> https://lists.sourceforge.net/lists/listinfo/opennms-devel >
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------
_______________________________________________ Please read the OpenNMS Mailing List FAQ: http://www.opennms.org/index.php/Mailing_List_FAQ opennms-devel mailing list To *unsubscribe* or change your subscription options, see the bottom of this page: https://lists.sourceforge.net/lists/listinfo/opennms-devel
